IN THE CLAIMS

Please cancel claims 1, 4-9, 18, and 21-26, corresponding to the 
Examiner's Groups I and II. Please find provided below a complete listing of the claims 
pending in the application and their status. 

1. (Canceled) A method for providing increased trust for secure
relationship based transactions between (1) a client using a client computer
microprocessor platform and (2) at least one remote server, comprising the steps of:

(a) employing a trusted server configured to accept at least one public
key datum, wherein each said public key datum is specifically associated with the client
platform as part of a public/private key pair for the platform, wherein each said
public/private key pair may be generated using at least one of: (i) the client platform; or
(ii) the trusted server;

(b) associating additional approval data with said public key datum to
identify said public key datum as having been approved by the trusted server which
accepts said public key datum;

(c) making available to the remote server said public key datum and
said associated additional approval data, the remote server being configured to recognize
trustworthy additional approval data from said trusted server for approval of said public
key datum as trustworthy;

(d) associating remote server specific data with said approved public
key datum, wherein said associated remote server-specific data is used in conjunction
with the client platform private key associated with said public key datum, wherein
through client platform communication with said trusted server, said trusted server is
made aware of at least one utilization of the client platform private key with server
specific data from said remote server, giving said trusted server opportunity to accept or
reject the association of said public key datum with said remote server, and to provide or
deny an assurance.

2. (Original) A method for enhancing trust for transactions between
(1) a client using a client computer microprocessor platform and (2) a remote server, the 
method employing at least one trusted server, the method comprising the steps of: 

(a) transferring data from the remote server to a trusted server, said 
transferred data including at least one secret datum, wherein said transfer is effected in 
conjunction with data transfer security provisions; 

(b) providing from said trusted server to the client platform a function 
of a portion of said transferred data, wherein said portion includes at least a part of said at 
least one secret datum, wherein the transferring trusted server provides a value of said 
function to the client platform encrypted by at least one key recognizable by said trusted 
server as associated with the client platform deemed trustworthy, the client platform 
being operational to decrypt said encrypted function value; and 

(c) allowing said value of said function to be securely shared between 
the remote server and the client platform. 

3. (Original) The method of claim 2, wherein said value of said 
function provided to the client platform from said trusted server is dependent on 
attributes of the client platform as known to said trusted server. 

4. (Canceled) A method for trusted delivery of computer object data
to a client computer microprocessor platform, wherein a remote server supplies source
data of which the delivered object data is a function, the method comprising the steps of:

(a) identifying a secret datum, distinct from the object data, that is
known to the remote server, said secret datum being made available to a trusted server
and being identified with a unique tag;

(b) causing source data to be submitted to said trusted server in
association with said unique tag;

(c) providing for use at a client platform the computer object data
derived from said submitted source data, wherein the object data is associated with a
signature computed by said trusted server, and wherein said signature is a function f^ of
said object data.

5. (Canceled) The method of claim 4, wherein said signature further
comprises:

(ii) a function k of the object data, and wherein calculation of said
function f^ of the object data given knowledge of the object data requires accurate
knowledge of said secret datum.

6. (Canceled) The method of claim 4, wherein said signature further
comprises:

(ii) a function f^ of data, wherein a function value is available to said
trusted server, and wherein a function f^ of data is provided to the remote server, and
wherein calculation of said function k of data given knowledge of function f^ of said data
and knowledge of the object data requires accurate knowledge of said secret datum.

7. (Canceled) The method of claim 6, wherein said data is generated
at least in part randomly by said trusted server.

8. (Canceled) The method of claim 6, wherein computation of said
function k of said data given knowledge of said data and knowledge of the object data
requires accurate knowledge of said secret datum.

9. (Canceled) The method of claim 6, wherein computation of said
function f^ of said data given knowledge of said data and knowledge of the object data
requires accurate knowledge of said secret datum.

10. (Original) A method for providing control of computer object data 
deriving from source data associated with a remote server, the object data being usable by 
a plurality of clients using client computer microprocessor platforms, comprising the 
steps of: 

(a) identifying a first datum associated with a unique tag, said first 
datum and associated tag being known to the remote server; 

(b) associating with said first datum and tag a second datum, said
second datum being provided by a trusted server which is configured to store information 
reflecting said first datum and tag and said second datum; 

(c) binding computer object data to a value computed as a function of 
a derived datum, wherein said derived datum comprises at least one of (A) data indicative 
of said first datum and (B) data indicative of said second datum, wherein said binding is 
performed by said trusted server; 

(d) associating for the remote server: (i) additional data of the remote 
server; with (ii) at least one of (C) data indicative of said first datum and (D) data 
indicative of said second datum; and with (iii) said associated tag, to form an additional 
data bundle; 

(e) submitting said additional data bundle to said trusted server and if 
said bundle is verified as consistent with said stored information regarding said first 
datum and tag and said second datum as stored by the trusted server, associating said 
derived datum with functions of said data bundle for delivery to a client platform. 

11. (Original) The method of claim 10, wherein said first datum 
comprises a secret datum. 

12. (Original) The method of claim 10, wherein said derived datum 
comprises an encryption key. 

13. (Original) The method of claim 10, wherein said first datum 
comprises a secret datum and said derived datum comprises an encryption key. 

14. (Original) A method for providing control of computer object data 
deriving from source data associated with a remote server, the object data being usable by 
a plurality of clients using client computer microprocessor platforms, comprising the 
steps of: 

(a) identifying a first datum associated with a unique tag, said first 
datum and associated tag being known to the remote server; 

(b) binding computer object data to a value computed as a function of
a derived datum, wherein said derived datum comprises data indicative of said first 
datum, wherein said binding is performed by a trusted server wherein said trusted server 
is configured to store information reflecting said first datum and tag; 

(c) associating for the remote server: (i) additional data of the remote 
server, including data indicative of said first datum; with (ii) said associated tag, to form 
an additional data bundle; 

(d) submitting said additional data bundle to said trusted server and if 
said bundle is verified as consistent with said stored information regarding said first 
datum and tag as stored by the trusted server, associating said derived datum with 
functions of said data bundle for delivery to a client platform. 

15. (Original) The method of claim 14, wherein said first datum 
comprises a secret datum. 

16. (Original) The method of claim 14, wherein said derived datum 
comprises an encryption key. 

17. (Original) The method of claim 14, wherein said first datum 
comprises a secret datum and said derived datum comprises an encryption key. 

18. (Canceled) A system for providing increased trust for secure
relationship based transactions, comprising:

at least one remote server;

a data communications link operationally coupled with said at least
one remote server;

a trust server configured to accept at least one public key datum
operationally coupled with said data communications link;

a client computer microprocessor platform operationally coupled with
said trust server, wherein said client computer microprocessor platform is supplied with
programming operable to




AP34367 (070998.0486) 
PATENT 

employ said trusted server configured to accept at least one public key
datum, wherein each said public key datum is specifically associated with the client
platform as part of a public/private key pair for the platform, wherein each said
public/private key pair may be generated using at least one of: (i) the client platform; or
(ii) the trusted server;

associate additional approval data with said public key datum to
identify said public key datum as having been approved by the trusted server which
accepts said public key datum;

make available to the remote server said public key datum and said
associated additional approval data, the remote server being configured to recognize
trustworthy additional approval data from said trusted server for approval of said public
key datum as trustworthy;

associate remote server specific data with said approved public key
datum, wherein said associated remote server specific data is used in conjunction with
the client platform private key associated with said public key datum, wherein through
client platform communication with said trusted server, said trusted server is made aware
of at least one utilization of the client platform private key with server specific data from
said remote server, giving said trusted server opportunity to accept or reject the
association of said public key datum with said remote server, and to provide or deny an
assurance.

19. (Original) A system for providing increased trust for secure 
relationship-based transactions, comprising: 
at least one remote server; 

a data communications link operationally coupled with said at least
one remote server;

a client computer microprocessor platform operationally coupled with 
said data communications link, 

a trusted server operationally coupled with said data communications 
link, wherein said trust server is supplied with programming operable to 

transfer data from the remote server to the trusted server, said
transferred data including at least one secret datum, wherein said transfer is effected in 
conjunction with data transfer security provisions; 

provide from said trusted server to the client computer microprocessor 
platform a function of a portion of said transferred data, wherein said portion includes at 
least a part of said at least one secret datum, wherein the transferring trusted server 
provides a value of said function to the client platform encrypted by at least one key 
recognizable by said trusted server as associated with the client platform deemed 
trustworthy, the client platform being operational to decrypt said encrypted function 
value; and 

allow said value of said function to be securely shared between the 
remote server and the client platform. 

20. (Original) The system of claim 19, wherein said value of said 
function provided to the client computer microprocessor platform from said trusted server 
is dependent on attributes of the client computer microprocessor as known to said trusted 
server. 

21. (Canceled) A system for trusted delivery of computer object data,
comprising:

at least one remote server;

a data communications link operationally coupled with said at least
one remote server;

a client computer microprocessor platform operationally coupled with
said data communications link,

a trusted server operationally coupled with said data communications
link, wherein said trust server and said client computer microprocessor platform are
supplied with programming together operable to

identify a secret datum, distinct from the object data, that is known to
the remote server, said secret datum being made available to a trusted server and being
identified with a unique tag;

cause source data to be submitted to said trusted server in association
with said unique tag;

provide for use at a client computer microprocessor platform the
computer object data derived from said submitted source data, wherein the object data is
associated with a signature computed by said trusted server, and wherein said signature is
a function f+ of said object data.

22. (Canceled) The system of claim 21, wherein said signature further
comprises a function of the object data, and wherein calculation of said function fe of
the object data given knowledge of the object data requires accurate knowledge of said
secret datum.

23. (Canceled) The system of claim 21, wherein said signature further
comprises a function f^ of data, wherein a function value is available to said trusted
server, and wherein a function f^ of data is provided to the remote server, and wherein
calculation of said function of data given knowledge of function of said data and
knowledge of the object data requires accurate knowledge of said secret datum.

24. (Canceled) The system of claim 23, wherein said data is generated
at least in part randomly by said trusted server.

25. (Canceled) The system of claim 23, wherein computation of said
function £ of said data given knowledge of said data and knowledge of the object data
requires accurate knowledge of said secret datum.

26. (Canceled) The system of claim 23, wherein computation of said
function fj . of said data given knowledge of said data and knowledge of the object data
requires accurate knowledge of said secret datum.



27. (Original) A system for providing control of computer object data 
deriving from source data associated with a remote server, comprising: 




a plurality of client computer microprocessor platforms; 

a data communications link operationally coupled with said client 
computer microprocessor platform; 

a trusted server operationally coupled with said data communications 
link, wherein said trusted server and said client computer microprocessor platform are 
supplied with programming operable to 

identify a first datum associated with a unique tag, said first datum and 
associated tag being known to the remote server; 

associate with said first datum and tag a second datum, said second 
datum being provided by said trusted server which is configured to store information 
reflecting said first datum and tag and said second datum; 

bind computer object data to a value computed as a function of a 
derived datum, wherein said derived datum comprises at least one of (A) data indicative 
of said first datum and (B) data indicative of said second datum, wherein said binding is 
performed by said trusted server; 

associate for the remote server: (i) additional data of the remote server; 
with (ii) at least one of (C) data indicative of said first datum and (D) data indicative of 
said second datum; and with (iii) said associated tag, to form an additional data bundle; 

submit said additional data bundle to said trusted server and if said 
bundle is verified as consistent with said stored information regarding said first datum 
and tag and said second datum as stored by the trusted server, associating said derived 
datum with functions of said data bundle for delivery to said client computer 
microprocessor platform. 

28. (Original) The system of claim 27, wherein said first datum 
comprises a secret datum. 

29. (Original) The system of claim 27, wherein said derived datum 
comprises an encryption key. 

30. (Original) The system of claim 27, wherein said first datum
comprises a secret datum and said derived datum comprises an encryption key. 

31. (Original) A system for providing control of computer object data 
deriving from source data associated with a remote server, comprising: 

a plurality of client computer microprocessor platforms; 

a data communications link operationally coupled with said client 
computer microprocessor platform; 

a trusted server operationally coupled with said data communications 
link, wherein said trusted server and said client computer microprocessor platform are 
supplied with programming operable to 

identify a first datum associated with a unique tag, said first datum and 
associated tag being known to the remote server; 

bind computer object data to a value computed as a function of a 
derived datum, wherein said derived datum comprises data indicative of said first datum, 
wherein said binding is performed by said trusted server, and wherein said trusted server 
is configured to store information reflecting said first datum and tag; 

associate for the remote server: (i) additional data of the remote server 
including data indicative of said first datum with (ii) said associated tag, to form an 
additional data bundle; 

submit said additional data bundle to said trusted server and if said 
bundle is verified as consistent with said stored information regarding said first datum 
and tag as stored by the trusted server, associating said derived datum with functions of 
said data bundle for delivery to said client computer microprocessor platform. 

32. (Original) The system of claim 31, wherein said first datum 
comprises a secret datum. 



33. (Original) The system of claim 31, wherein said derived datum 
comprises an encryption key. 

34. (Original) The system of claim 31, wherein said first datum
comprises a secret datum and said derived datum comprises an encryption key. 